Lycamobile Pty Ltd (Lycamobile) has paid an infringement notice of $604,800 after the Australian Communications and Media Authority (ACMA) found prolonged and large-scale customer data failures, which could have put people in danger.
The ACMA investigation found 245,902 instances where Lycamobile did not provide accurate customer information to an industry database used by police, fire and ambulance services, and 4,207 instances where it failed to comply with ID check rules before signing up prepaid mobile customers.
ACMA Chair Nerida O’Loughlin said the Integrated Public Numbers Database (IPND) is used by emergency services when responding to Triple Zero (000) calls from the public.
Information from the IPND is also used for the Emergency Alert Service, which was relied on extensively throughout the 2020 bushfires and COVID crises.
“Telcos have a responsibility to help keep Australians safe during natural disasters or life-threatening circumstances. Lycamobile may have put people’s lives at risk by not passing accurate information on to the IPND,” Ms O’Loughlin said.
Lycamobile’s failure to undertake proper customer ID checks when activating prepaid services is also a public safety issue, as police investigations into criminal activity are hampered when the owner of a mobile phone cannot be identified.
As well as the financial penalty, the ACMA has also required the company to conduct an independent audit of its systems and processes and to implement improvements, given the serious nature of Lycamobile’s non-compliance over a lengthy period.
This is the latest action in the ACMA’s ongoing campaign to improve the accuracy of the IPND and reduce the risk of consumer harm. In 2019 and 2020, the ACMA gave remedial directions to a number of telcos for non-compliance with IPND rules.
Should Lycamobile fail to comply with its customer data or pre-paid ID check obligations in the future, the ACMA can commence proceedings in the Federal Court for civil penalties of up to $250,000 per contravention.